I've got a web application running as an AWS ECS Fargate task. The task consists of 2 Docker containers - nginx exposing port 80, running as a reverse proxy, forwarding queries to an ASP.NET Core web application exposing port 5000. The URL configured in nginx.conf for the upstream server is 127.0.0.1:5000, and the task is set up with container networking (awsvpc).
The ECS Service is defined as an autoscaling group of 1 task. When I run the service, AWS sets up an elastic ENI with a public and private IP. I can hit that public IP in a browser and get back a response from my web app, so it seems the ECS part is set up properly.
Next - I've defined an ALB with an HTTP port 80 listener forwarding to a target group for the ECS Service. The target group shows the private IP for the task ENI, so it appears to be set up correctly. Health checks are configured as simple "/", and the task as well as the ALB target group report them to be healthy.
However - when I navigate to the DNS name for the LB, I'm unable to get a response.
Additionally - this is running in a non-default VPC. Route table includes an IGW.
Not sure what else I should be checking, so would appreciate some help in troubleshooting further.